ONTAP (WAFL really) supports a maximum of 32 supplemental group ids in a credential, plus the one primary group id.
NFS over AUTH_SYS (aka weak authentication, sec=sys on the exportfs command line) is limited to 16 supplemental groups.
NFS over Kerberos authentication (sec=krb5) is limited by WAFL to 32 supplemental group ids.
I am 100% sure.
My blog has more details.
http://nfsworld.blogspot.com/2005/03/whats-deal-on-16-group-id-limitation.ht...
-mre I work for NetApp but post with a non-NetApp email address to keep my spa life separate from my work life.
--- "Fox, Adam" Adam.Fox@netapp.com wrote:
I'm 99% sure the limit for ONTAP is 32.
-- Adam Fox adamfox@netapp.com
-----Original Message----- From: owner-dl-toasters@jhereg.corp.netapp.com [mailto:owner-dl-toasters@jhereg.corp.netapp.com] On Behalf Of Francois Joubert Sent: Thursday, March 01, 2007 12:49 PM To: toasters@mathworks.com Subject: Maximum number of groups per user
Hi
I am new to the list. I have been trying to get a definitive statement from NetApp about the maximum number of groups a user can belong to if we rely on the /etc/group and /etc/passwd files on the filer.
The setup we have tested has CIFS clients (Windows2000) with the filer part of a workgroup. We rely on unix group permissions for access to data directories. We are not using any NFS, NIS, LDAP or NT domain - all local authentication etc.
I have done some testing and it appears the limit is 32 (not a surprising number) but have not been able to get this confirmed.
Has anyone tried/done this before?
We are migrating from samba servers running on FreeBSD with modified kernels which allow users to be in thousands of groups (don't laugh; I don't want to go into the reasons) because this facilitates our companies working practices.
Thanks
Francois